Guild Wars 2

Some of us are on a community site, but out of the hacked players only 4 that I am aware of. Furthermore I can certainly say of myself that my game, and email passwords are unique and unused for any other website/game/service. I actually changed it a little over a week ago – if I recall correctly – to a brand new password (following other support issues).

With a high frequency in short time all coming from the same server, I can only assume it is a player on the server looking for commander icons/cultural gear/legendaries on players as a way of finding a target with lots of gold. Then using the report function to gain their account+character names.

The serial code is the issue here, every dealing I have had with support so far has required my serial code, which only exists in physical form or in the ArenaNet databases as my game was bought from another site (one listed in ArenaNet’s retailers list not a random 3rd party one).

I’d be wary of that community site.

Of course, but as said different passwords are used, and majority of the hacked players are not members of the site.

Password for mail, community site, guild forum and GW2 are all different. I know that’s hard to believe but it’s like this.

Also, when i was hacked in September, i bearly started playing since it was freshly released. And it was working the same, with email changing request…

Which means what? They had access to my info back then, before i ever used GW forums or any other forum regarding the game.

Could it be internal?!? O.O I hate to say it but it’s scary sometime. I’ve heard WoW Blizzard internal staff steals accounts. I don’t like pointing this at someone but it’s just my opinion.

/end

We know its a french guy who has some sort of vendetta against the richer and more known players on our server… thats the extent of our knowledge .. It feels like we know more then anet atm unfortunately:/

Could someone from Arenanet please confirm that changing email via a support ticket does not remove the mobile authenticator, otherwise this is ridiculous.

Please keep this post alive with any relevant info guys! We can help Anet by keeping our info in one place

I’ve been hacked last night at 9 pm … Indeed i get DC at 8.45pm in Fractal after 2hours, first I thought it was due to my freebox so get disgusted I left the game.

Then I back at 10.45pm tried to log several times and wasn’t able to access … I also tried to log in the forum and the message said that my email adress was no more available.

After this, I check my account mail and noticed that Arena net sent me a message (in french) at 8.2pm telling me that they received a request to change the adress (and hope that was from me) thus they just did it without any validation or prevention for unknow IP connection.

I joined the support to recover my account at 11.45pm and was able to log in tonight.

Fortunately my characters weren’t deleted but the all stuff : armor-weapon-materials and the guild bank were gone … My elem is naked without any stuff and my mesmer kept only her karma armor (maybe cauze it’s impossible to salvage or sell) and my bank shows only 29 copper … Moreover my guild bank which I ve access was also empty -_- …

Just lost 820h of geeking and arena net won’t make any roll back …
I wanna add that I got the T3 armor + nice exotic wp and golden title on …. maybe the hacker pointed me thanks to that ….

At last I ve to say that I always take care to my loggin informations : the password was very complicated, the mail authentificator was activated and the adress was only dedicated to the game, no one else know any of these informations.

Just before the hack I was at lion’s arch in overflow server near the bank …. My home serve is Vizunah Square.

Just to add some details.
Password is unique.
Server is FC.
No one has my password.
virus and spyware/malware protection is up to date and clean.
they seem to focus on gold/collectables and anything they could sell.
they obviously have to email the gold/items to another character, why can’t this be tracked and those ips/accounts be identified and stopped from doing this further.
Also I refuse to buy any more gems until this issue is addressed.

Someone on reddit posted this, which sounds pretty logic:

If the hacker is singling out in game characters by name and calling out his next attack he is not using some big password db or hack.

When you move close enough to another character, the game sends a wealth of information about that character to your computer. What’s obvious is the characters features, armour type, name, title..etc, things you can see on the screen. Perhaps there is additional information transmitted (such as an identification code) that a hacker can exploit.

That seems to me to be a reason why its only on that server (unless the hacker changes servers) and can be so specific.

Not saying this is it, but it is worth looking into it. I have a feeling GW2 is one of those games which do a lot on the client-side because they want to unload the server as much as possible. The disadvantage is that a lot of data information is on the client side, which sometimes can be manipulated fooling the server with wrong information.

The info only helps with ensuring the targets you want.

The way to change one’s email is still done via tickets on support, ergo, hackers kind of had the blessing of the staff to go on xD

Well i’m joking (not really). But the point is, it’s done via support seeing how that’s the only way to change email. Now the real question is: Did they get all our info (like serial code/bills/CC info and whatnot) or was it simply a flaw in ArenaNet’s system

ZohanLannister.1245:

This is purely aimed at high profile players from ROS server. And is not coming from there security issues. It has to be coming from games side. How else can they the hacker think "right irontodge is next " and then suddenly know all his information? email address etc. He cant ! what he does know is hes on ROS has Commander and is very active. so he know has his game id and somehow from this he gets to log in and strip him bare.

Maybe you have been ‘followed’ by a long period of time, but sounds more legit that anet has been breached.

Do you live in a common country or area or something like that?

I hope all gets fixed asap

Hi Norax,

We know for sure the guy is targeting commanders and people with the golden title. It is a French guy being malicious.

He is targeting commanders and people with the golden title because we are more likely to be wealthy.

He must have really hated me as he deleted my characters, as far as I know, no others have been deleted.

Well from what i understood, you whispered him directly and stuff.

Which means he could have acted like that as a payback.

Either that, or they worked as a group, thus more modus operandi might vary from one to another.

I have never spoken to the guy as far as I am aware. I was hacked way before that image you see of some one whispering the hacker

Well i was there when we were talking to the hacker on Freyn’s char.

Well, someone whispered him directly, and lost all his chars and stuff. That’s why i thought..

That was Penny.

I whispered Freyn when he was getting disconnected over and over again to move his stuff off his account.

I was hacked 3 days ago mate. Please don’t try to make out like I asked for it:/

Nooo. I know you were hacked before -.-

I must have confused you with someone else, while trying to figure the MO of the hacker. I just implied what i said previously, in an attempt to see the malicious part, not only the “lets get rich” part.

I’ll take you out of the equation if you did not such thing ^^.

Point is, there were different MOs…Some were “nicer” some were destructive

Aye no worries.

I only hope that a server rollback will be done if anet decide it is an issue at their end. Dawn was not cheap..

Irontodge.9524:

Hi Norax,

We know for sure the guy is targeting commanders and people with the golden title. It is a French guy being malicious.

He is targeting commanders and people with the golden title because we are more likely to be wealthy.

He must have really hated me as he deleted my characters, as far as I know, no others have been deleted.

I was refering to be able to get your sesion token, ip, or some kind of thing, more related with real life than with ingame things (which can be possible) but just to discard. Like sameplace living friends or something like that (which seems unlikely knowing that since it goes for ‘golden’ ppl).

Gold sellers use to stay close to banks so they can get player names to send ingame mails, which fits perfectly with this case. Knowing what kind of title has a player (is info your pc recieves) to try to exploit something else knowing his account name, plus some other stuff can lead to the exploit.

Lets see how all this end.

Edit: I seriously doubt that they will make a rollback. They didnt made such a thing with the ppl that exchange karma weapons for gold.

Well judging by the official response, this will probably end with a pat on the shoulder and a “Good luck starting over!”

But i still have hopes they can first of all prevent this from happening in the future once they find out where the flaw is, and maybe even consider doing the right thing and doing such a rollback for us.

I think the first step for anet is to admit that there is an issue. A lot of us have been told things like our emails were not secure (when they were and still are).

I would accept a public apology at the very least. A lot of us love anet and the work they are doing, but can’t help but feel somewhat alone in the dark at the moment.

The same thing happened to me on a french server 2 days ago, received an email telling me my email account have been changed. I was in game and disconnected, unable to reconnect.
All the stuff on my 3 lvl 80 has gone (vision of the mysts, arah stuff, human T3, …).
My guildies tried to speak to the one that logged in my account, he said in french : “You ’ll tell him thanks, ok?”

No other IP connexion on my email, no trojan (spybot, avira, adaware, hijackthis found nothing) and never told my password to anyone (only use this pass for guild wars), nobody have access to my pc…

Feel very disappointed, think i will not continue to play gw2…

Me and many other people on our server and guild are really worried now that someone can apparently bypass e-mails, passwords, authenticators. I hope they’re pushing for the rollback of items program ASAP. I won’t feel safe till I know any damage done can be undone.

Honestly I don’t care anymore if they put restoration service… Unless they somehow give me back my stuff there is no reason to stay here, and this silence since 24h from Anet isn’t good.
At least a ’we’re looking into this’…?

I don’t know how relevant the French part of this is, but I assume that most of the tickets are being looked into by Arenanet and they are making absolutely sure that the cdkey was provided in the case of these accounts being stolen.

However, a few people have said that they bought the game retail and thus there is no way the cdkey can have been provided unless they have found some way to get it.

Could Arenanet please make a statement that the tickets are being looked into?

Also, asking people for things like character names and codes seems strange because they are both freely available. Why not add a security question someone can choose for customer support to ask them?

All IT-workers know one thing:

The security of the e-mail is same as security as postcard or poster. That’s the issue.

Would just like to point out that this all happened since the “one time world event”
at this time there was a free GW2 trial going on so many clients got to play the game for free. Pretty much a big invite for any hackers to come in and take alook around the servers and see the more active players etc. It seems to be now spreading from ROS to other servers. Anet really should respond to this now some guilds have transfered servers while other players are quitting. Im sure they dont want this to happen but they are not helping out matters at all atm.

Obviously there s a real failure from Arena net … All victims have the same profil and received the same email for changing adress without any alarm to allowed unknow connection …

Besides the matter happened after the free trial and one-time event … why did they spend so much time to work on these instead of set in up a TOOL to enable the roll back ????

Plz just make a huge server back to before the one-time event ….

ArenaNet, you’ve promised to look into this and give back a response regarding the sittuation…

Could you give us anything? We’re waiting for hopes here xD

Arena Net WONT reply until their databases that have been breached are fixed this is to make sure that no false hope is given on resetting accounts.

Something to make you all realise
==KEY==
Police = Anet
Gypseys(travelers)=Hackers

Police dont mess with Gypsey’s They only move them (slow the hackers down) or Give a Crime Number out ( Tell you to open a Support ticket for False Hope)
i hope you all understand this definition and i am very sorry for all of your losses.

They won’t reset accounts mate, so I don’t need any hope…
I’m just asking a ’we’re still looking into this’, nothing much. This silence could also mean they’re not caring, which I hope is not the case, but meh…

Hello everyone,

First of all I want to say that we’re not hacked because of a “weak password”! If You want to believe this I wont argue, but in my experience this was never an issue. I have used a much weaker password and the same for years when I have played WoW (6 letters long, no capital letters, etc=really weak) and got hacked 0 times for years. In GW2 I use much stronger password and I am confident in that I am not the one to blame for being hacked. Well w/e the reason ALL MMOs that want to be on top and “the best out there” have system that will keep their players there and satisfied with the support. It is hilarious to not have a rollback system in a game, released in 2012. With that said even if You are too busy to have one (no comment) it is not true that You cannot do anything to help players with their issue. Most of the people have lost in-game items, which can be send via mail and that will make things almost the same as before (at least until there is a rollback system). I’m not talking about a compensation for the troubles and the time that we have lost, but they CAN restore some of the things, make issue not so big and keep up the players that have spent so much time in their game. Of course I can only make a suggestion such “send what we have lost” (which is possible and better than “Go look for a ‘Renown Heart’ NPCs to start again”).

I have played this game for 860+ hours, home world – Desolation, 6 characters and reason to be hacked seems to be my ‘Golden’ title. I haven’t lost things that can’t be restored (collectables, items and gold worth 400 or maybe close to 500 gold). I am still asking for a compensation of course and If there is not a normal response from their side I’ll quit for sure. This isn’t the only game out there and it will never be any better if this is what we get as ‘customers’.

Best wishes,
Plesh

The hacker can act in several servers so he must be collecting database from overflow and target only account with around 800hours or more nice stuffed and titled …

As far as for me I played 820h and lost like 500gold …

Otherwise stop saying the issue came from weak personnal security cauze that’s totally wrong since we aren’t responsible at all ….

For the moment I can only advise players who have spend more than 650 hours and showing some nice stuff to avoid lion arch especially the bank and the TP.

Hope that Arena net will clarify the situation asap….

Can Anet confirm what is happening with these hacking issues yet please?

Gaile Gray.6028:

Maetel.2130:

They won’t reset accounts mate, so I don’t need any hope…
I’m just asking a ’we’re still looking into this’, nothing much. This silence could also mean they’re not caring, which I hope is not the case, but meh…

Sorry, Maetel, I just saw this post, but I did write that note a few minutes ago. You can bet on it: We care and we’re investigating.

Incidentally, account restorations are very, very close.

Being one of the people who got hacked and losing everything (including tons of gold in mats, a legendary bow [The Dreamer]), and much much more… seeing you type “Incidentally, account restorations are very, very close.” Just made my night… it would be nice to have my hard work back as well as my sense of security. I look forward to these restorations and thank you all at Anet for looking into this issue.

this reminds me of sword art online
CREEEEPY

The sad fact is that everyone who is complaining has already paid 60$ (if not more). Any issues that chase players off or scare them from playing often lessen the load on the servers, meaning A-net gets to save money.

They already have your money. Helping you will cost them more money. Acknowledging that their servers are indeed infected / threatened / dangerous would cost them more money. Every other gaming company I’ve ever been a part of has responded to threats like this very quickly, and with lots of feedback to the players. There is one difference : Those games had monthly fees. The service had to be good for them to continue making money.

A-net already has our money, and keeping players around will only cost them more money.

This statement stands firm until the problem is solved and we get some decent feedback. You dropped the ball. There is a hole in the server. I mean come on, it is absolutely the only possibility here. Some of my friends who have gotten hacked didn’t even use ANY guild wars sites. And their e-mails are still secure.

Don’t skirt around trying to BS us. Your servers are threatened. You’d be much better off letting us know about the threat and we can decide if we want to chance it or not. Otherwise, some very important information might be taken – and that’d be on your head.

If playing the game can simply get you hacked, I’d rather not play until this gets sorted out. Welp, time to take a break and do something else for the time being.

AncientCWS.5342:

They already have your money. Helping you will cost them more money.

[…]

A-net already has our money, and keeping players around will only cost them more money.

Because God knows, no one has ever paid money for gems and then spent said gems on stuff in the store, and then bought more gems later.

Nor has anyone ever shown a friend the game, or even just told a friend about it, and had said friend go out and buy it because of the recommendation. Ever.

There is a hole in the server. I mean come on, it is absolutely the only possibility here. Some of my friends who have gotten hacked didn’t even use ANY guild wars sites.

You’re aware that they can take logins/passwords from one site and enter them into any other site, right? Even if the two sites are completely unrelated?

And their e-mails are still secure.

Or so you think – just because the password hasn’t been changed on the emails doesn’t mean the account is secure. Hell, if I hacked an email account, changing the password’s the LAST thing I’d do, to avoid tipping off the target.

Don’t skirt around trying to BS us. Your servers are threatened. You’d be much better off letting us know about the threat and we can decide if we want to chance it or not. Otherwise, some very important information might be taken – and that’d be on your head.

Totally doesn’t sound like you’re saying “I’m about to pwn your servers. Own up if you ever want to see them alive again, muahahaha” at all. Not even a little bit.

cybergeek.8974:

AncientCWS.5342:

They already have your money. Helping you will cost them more money.

[…]

A-net already has our money, and keeping players around will only cost them more money.

Because God knows, no one has ever paid money for gems and then spent said gems on stuff in the store, and then bought more gems later.

Nor has anyone ever shown a friend the game, or even just told a friend about it, and had said friend go out and buy it because of the recommendation. Ever.

There is a hole in the server. I mean come on, it is absolutely the only possibility here. Some of my friends who have gotten hacked didn’t even use ANY guild wars sites.

You’re aware that they can take logins/passwords from one site and enter them into any other site, right? Even if the two sites are completely unrelated?

And their e-mails are still secure.

Or so you think – just because the password hasn’t been changed on the emails doesn’t mean the account is secure. Hell, if I hacked an email account, changing the password’s the LAST thing I’d do, to avoid tipping off the target.

Don’t skirt around trying to BS us. Your servers are threatened. You’d be much better off letting us know about the threat and we can decide if we want to chance it or not. Otherwise, some very important information might be taken – and that’d be on your head.

Totally doesn’t sound like you’re saying “I’m about to pwn your servers. Own up if you ever want to see them alive again, muahahaha” at all. Not even a little bit.

Cyber has good points, even if it did cost a bit to reimburse those that got hacked, or even account restorations that were talked about above, these players aren’t going anywhere if they were to get their stuff back (i know i wouldn’t). These players have put countless hours into the game (myself included with a little under 1,400 hours), and more than likely money into gems as well. Also, another great point is telling friends about the game, and have them buy it. So as i see it, in the long run, giving these players back what they have worked so hard for would be a very smart move on their part.

Perfectxshot.6712:

Being one of the people who got hacked and losing everything (including tons of gold in mats, a legendary bow [The Dreamer]), and much much more… seeing you type “Incidentally, account restorations are very, very close.” Just made my night… it would be nice to have my hard work back as well as my sense of security. I look forward to these restorations and thank you all at Anet for looking into this issue.

Hope for the best, expect the worst.

The worst in this case being that they won’t be able to do account restorations prior to the implementation of said restoration functionality. Or in other words, they might not be able to restore the things you lost, even if they put in the account restoration tomorrow.

But here’s to hoping that you do, in fact, have the things you lost restored to your account.

Nkuvu.2570:

Perfectxshot.6712:

Being one of the people who got hacked and losing everything (including tons of gold in mats, a legendary bow [The Dreamer]), and much much more… seeing you type “Incidentally, account restorations are very, very close.” Just made my night… it would be nice to have my hard work back as well as my sense of security. I look forward to these restorations and thank you all at Anet for looking into this issue.

Hope for the best, expect the worst.

The worst in this case being that they won’t be able to do account restorations prior to the implementation of said restoration functionality. Or in other words, they might not be able to restore the things you lost, even if they put in the account restoration tomorrow.

But here’s to hoping that you do, in fact, have the things you lost restored to your account.

well ya, hoping they can of course, but after being hacked, you cant really get anymore low haha, its just the last sliver of hope… and even if they cant restore what was lost, im hoping they will at least reimburse what was lost(all non-account bound items perhaps) guess we will find out when “very very close” happens…

Perfectxshot.6712:

I look forward to these restorations and thank you all at Anet for looking into this issue.

Last I heard, Restore point 0 will be the day the service goes live, unfortunetly (Anet post, I think from Gaile)

You do know that the rollback feature is not retroactive right? Meaning once it’s implemented, any past hacked players are still stuck.

Loli Ruri.8307:

You do know that the rollback feature is not retroactive right? Meaning once it’s implemented, any past hacked players are still stuck.

well, thats why i said “…and even if they cant restore what was lost, im hoping they will at least reimburse what was lost”. And even if they dont do that, at least others wont be completely screwed over like i was … but im hoping thats not the case…